CVE-2021-35251 MEDIUM

CVE-2021-35251: Sensitive Data Disclosure Vulnerability

Vendor Solarwinds
Product Web Help Desk
Weakness CWE-209 · Error message info leak
Published March 9, 2022
Last update September 16, 2024

CVSS base score

5.3/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

Sensitive information could be displayed when a detailed technical error message is posted. This information could disclose environmental details about the Web Help Desk installation.

Key dates

02Disclosure timeline

March 9, 2022 CVE published
September 16, 2024 Record updated